Fake DMCA complaints, DDoS threats lead to BazaLoader malware

silversurfer

Super Moderator
Thread author
Verified
Top Poster
Staff Member
Malware Hunter
Forum Veteran
Aug 17, 2014
12,726
123,827
8,399
Cybercriminals behind the BazaLoader malware came up with a new lure to trick website owners into opening malicious files: fake notifications about the site being engaged in distributed denial-of-service (DDoS) attacks.
The messages contain a legal threat and a file stored in a Google Drive folder that allegedly provides evidence of the source of the attack.

Fake legal threats

The DDoS theme is a variation of another lure, a Digital Millennium Copyright Act (DMCA) infringement complaint linking to a file that supposedly contains evidence about stealing images.
In submissions seen by BleepingComputer, the threat actor used Firebase URLs to push BazaLoader. The goal is the same though: use contact forms to deliver BazaLoader malware that often drops Cobalt Strike, which can lead to data theft or a ransomware attack.
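As an added illustration (not part of the original post or of the BleepingComputer report it quotes), here is a small Python triage filter for inbound contact-form messages that combine the pressure language of these two lures (DMCA/copyright or DDoS accusations, legal threats, "evidence") with a link hosted on Google Drive or Firebase. The host patterns, the keyword list and the "link plus at least two threat terms" threshold are assumptions chosen for the example, and the sample messages are constructed, not real submissions.

```python
import re
from dataclasses import dataclass, field

# Hosting services named in the campaign: Google Drive and Firebase.
# Firebase Storage lives under firebasestorage.googleapis.com; Firebase
# Hosting uses *.web.app and *.firebaseapp.com (assumed host list).
HOSTING_RE = re.compile(
    r"https?://(?:drive\.google\.com|docs\.google\.com"
    r"|firebasestorage\.googleapis\.com"
    r"|[\w.-]+\.web\.app|[\w.-]+\.firebaseapp\.com)/\S*",
    re.IGNORECASE,
)

# Pressure language from the DMCA and DDoS lures (assumed keyword list).
THREAT_TERMS = (
    "dmca", "copyright", "infringement", "ddos", "denial of service",
    "legal action", "lawsuit", "attorney", "evidence",
)

@dataclass
class Verdict:
    suspicious: bool
    urls: list = field(default_factory=list)
    terms: list = field(default_factory=list)

def assess_submission(message: str) -> Verdict:
    """Flag a contact-form message that pairs a Drive/Firebase link
    with at least two threat terms (threshold is an assumption)."""
    urls = HOSTING_RE.findall(message)
    # Normalise hyphens so "denial-of-service" matches "denial of service".
    lower = message.lower().replace("-", " ")
    terms = [t for t in THREAT_TERMS if t in lower]
    return Verdict(suspicious=bool(urls) and len(terms) >= 2,
                   urls=urls, terms=terms)

# Constructed sample submissions (placeholders, not real links).
SAMPLE_DMCA = (
    "Hi, your site uses my images without permission. This is a DMCA "
    "copyright infringement notice. Evidence: "
    "https://drive.google.com/drive/folders/EXAMPLE"
)
SAMPLE_DDOS = (
    "Your website was used in a DDoS attack against our servers. Our "
    "attorney will take legal action unless you review the evidence here: "
    "https://firebasestorage.googleapis.com/v0/b/example/o/report.zip?alt=media"
)
SAMPLE_CV = (
    "Hello, here is my CV for the job posting: "
    "https://drive.google.com/file/d/EXAMPLE/view"
)
SAMPLE_BENIGN = "Do you offer printed copies of the photos in your gallery?"

if __name__ == "__main__":
    for name, msg in [("dmca", SAMPLE_DMCA), ("ddos", SAMPLE_DDOS),
                      ("cv", SAMPLE_CV), ("benign", SAMPLE_BENIGN)]:
        v = assess_submission(msg)
        print(f"{name:7} suspicious={v.suspicious} terms={v.terms}")
```

The threshold deliberately lets a Drive link on its own through (the CV sample), since legitimate visitors share files too; what distinguishes this campaign is the link arriving together with legal or DDoS pressure language. Any flagged file should be fetched only in a sandbox, never opened from the form owner's workstation, given that the payload chain ends in Cobalt Strike.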